Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6ae2fc64 by Moritz Muehlenhoff at 2020-11-02T15:43:13+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12,7 +12,7 @@ CVE-2020-28044 (An attacker with physical access to a PAX 
Point Of Sale device w
 CVE-2020-28043 (MISP through 2.4.133 allows SSRF in the REST client via the 
use_full_p ...)
        NOT-FOR-US: MISP
 CVE-2020-28042 (ServiceStack before 5.9.2 mishandles JWT signature 
verification unless ...)
-       TODO: check
+       NOT-FOR-US: ServiceStack
 CVE-2020-28041 (The SIP ALG implementation on NETGEAR Nighthawk R7000 
1.0.9.64_10.2.64 ...)
        NOT-FOR-US: Netgear
 CVE-2020-28040 (WordPress before 5.5.2 allows CSRF attacks that change a 
theme's backg ...)
@@ -914,7 +914,7 @@ CVE-2020-27710
 CVE-2020-27709
        RESERVED
 CVE-2020-27708 (A vulnerability exists in the Origin Client that could allow a 
non-Adm ...)
-       TODO: check
+       NOT-FOR-US: Electronic Arts
 CVE-2020-27707
        RESERVED
 CVE-2020-27706
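Review bot: the new tag on CVE-2020-27708 names only the vendor ("Electronic Arts"), while the description identifies the affected software as the Origin Client. "NOT-FOR-US: Electronic Arts Origin Client" would match the product-level tags already in this file (for example "NOT-FOR-US: MISP") and lets later Origin CVEs be triaged with a plain text search.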
@@ -4454,7 +4454,7 @@ CVE-2020-26207
 CVE-2020-26206
        RESERVED
 CVE-2020-26205 (Sal is a multi-tenanted reporting dashboard for Munki with the 
ability ...)
-       TODO: check
+       NOT-FOR-US: Sal
 CVE-2020-26204
        RESERVED
 CVE-2020-26203
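Review bot: "NOT-FOR-US: Sal" on CVE-2020-26205 is a three-letter tag that a search will also match inside unrelated words. The description calls it a reporting dashboard for Munki, so a qualified form such as "NOT-FOR-US: Sal (dashboard for Munki)" would be unambiguous.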
@@ -5252,7 +5252,7 @@ CVE-2020-25851
 CVE-2020-25850
        RESERVED
 CVE-2020-25849 (MailGates and MailAudit products contain Command Injection 
flaw, which ...)
-       TODO: check
+       NOT-FOR-US: MailGates and MailAudit
 CVE-2020-25848
        RESERVED
 CVE-2020-25847
@@ -28831,7 +28831,7 @@ CVE-2020-14752 (Vulnerability in the Hyperion Lifecycle 
Management product of Or
 CVE-2020-14751
        RESERVED
 CVE-2020-14750 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2020-14749
        RESERVED
 CVE-2020-14748
@@ -39484,7 +39484,7 @@ CVE-2020-11174 (u'Array index underflow issue in adsp 
driver due to improper che
 CVE-2020-11173 (u'Two threads running simultaneously from user space can lead 
to race  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11172 (u'fscanf reads a string from a file and stores its contents on 
a stati ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11171
        RESERVED
 CVE-2020-11170
@@ -39522,7 +39522,7 @@ CVE-2020-11155 (u'Buffer overflow while processing PDU 
packet in bluetooth due t
 CVE-2020-11154 (u'Buffer overflow while processing a crafted PDU data packet 
in blueto ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11153 (u'Out of bound memory access while processing GATT data 
received due t ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11152
        RESERVED
 CVE-2020-11151
@@ -39600,7 +39600,7 @@ CVE-2020-11116 (u'Possible out of bound write while 
processing association respo
 CVE-2020-11115 (u'Buffer over read occurs while processing information element 
from be ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11114 (u'Bluetooth devices does not properly restrict the L2CAP 
payload lengt ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2020-5291 (Bubblewrap (bwrap) before version 0.4.1, if installed in setuid 
mode a ...)
        - bubblewrap 0.4.1-1 (low; bug #955441)
        [buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
@@ -49353,7 +49353,7 @@ CVE-2020-7386
 CVE-2020-7385
        RESERVED
 CVE-2020-7384 (Rapid7's Metasploit msfvenom framework handles APK files in a 
way that ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2020-7383 (A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 
that m ...)
        NOT-FOR-US: Rapid7 Nexpose
 CVE-2020-7382 (Rapid7 Nexpose installer version prior to 6.6.40 contains an 
Unquoted  ...)
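Review bot: CVE-2020-7384 is tagged "NOT-FOR-US: Rapid7", but its description is about Metasploit's msfvenom, and the next entry, CVE-2020-7383, uses the product-level form "NOT-FOR-US: Rapid7 Nexpose". Suggest "NOT-FOR-US: Rapid7 Metasploit" so the entry records which product was checked against the archive.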
@@ -59257,13 +59257,13 @@ CVE-2020-3698 (Out of bound write while QoS DSCP 
mapping due to improper input v
 CVE-2020-3697
        RESERVED
 CVE-2020-3696 (u'Use after free while installing new security rule in ipcrtr 
as old o ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3695
        RESERVED
 CVE-2020-3694 (u'Use out of range pointer issue can occur due to incorrect 
buffer ran ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3693 (u'Use out of range pointer issue can occur due to incorrect 
buffer ran ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3692 (u'Possible buffer overflow while updating output buffer for 
IMEI and G ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3691



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ae2fc6493fbc02b8720211253546df239b21184
